funktion_schichtplan_Tage.php: endlosscheliede bei nur einer schicht

secure.php: filterung noict komplett git-svn-id: svn://svn.cccv.de/engel-system@28 29ba0400-6e00-0410-a75a-ca02368028f8
2005-11-09 16:05:28 +00:00 · 2005-11-09 16:05:28 +00:00 · 1d219f5c77
parent 7e5f4a3332
commit 1d219f5c77
2 changed files with 10 additions and 7 deletions
--- a/www-ssl/inc/funktion_schichtplan_Tage.php
+++ b/www-ssl/inc/funktion_schichtplan_Tage.php
@ -55,12 +55,15 @@ do
 		"WHERE ( (`DateS` like '$DateS%') AND NOT (`DateE` like '%00:00:00'))";
 	$Erg2 = mysql_query($SQL2, $con);
 	$DateE = substr(mysql_result($Erg2, 0 , 0), 0,10);
-	
-	while( $DateS != $DateE)
-	{
-		$DateS = DatumUm1TagErhoehen( $DateS);
-		$VeranstaltungsTage[$Pos++] = $DateS;
-	}
+
+	if( strlen($DateE) == 0)
+		$DateE = $DateS;
+	else
+		while( $DateS != $DateE)
+		{
+			$DateS = DatumUm1TagErhoehen( $DateS);
+			$VeranstaltungsTage[$Pos++] = $DateS;
+		}

 	//suchen den nästen eintrag
 	$SQL = "SELECT `DateS` FROM `Shifts` ".
--- a/www-ssl/inc/secure.php
+++ b/www-ssl/inc/secure.php
@ -10,7 +10,7 @@ foreach ($_GET as $k => $v)
  	$v = htmlspecialchars($v);
 	$v = mysql_escape_string($v);
 //	$v = htmlentities($v);
-	if (preg_match('/([\"`])/', $v, $match)) 
+	if (preg_match('/([\'"`\'])/', $v, $match)) 
 	{
 		print "sorry get has illegal char '$match[1]'";
 		exit;